cat /dev/urandom

Tue Jul 26 23:47:43 GMT 2005

On 7/26/05, Lane <lane at joeandlane.com> wrote:
> On Tuesday 26 July 2005 18:18, Michael Beattie wrote:
> > `cat /dev/urandom` will do just that... it's not also going to run
> > code from within that output.
> >
> > On 7/26/05, Lane <lane at joeandlane.com> wrote:
> > > On Tuesday 26 July 2005 17:35, Michael Beattie wrote:
> > > > On 7/26/05, Matt Juszczak <matt at atopia.net> wrote:
> > > > > Hi all,
> > > > >
> > > > > Quick question.
> > > > >
> > > > > shell# cat /dev/urandom
> > > > >
> > > > > can that executed as root cause any harm to the system?  What if a
> > > > > random sequence of `rm *` was generated... would it be executed?
> > > > >
> > > > > I tried that to fix my terminal and forgot it might cause damage as
> > > > > root, even if its just being cat'd to the screen.  I thought I saw
> > > > > some files fly by which would indicate an execution of `ls`....
> > > > >
> > > > > Just curious....
> > > >
> > > > If you had a file with an rm * in it and you cat'd it would it execute?
> > > > _______________________________________________
> > >
> > > That's a good answer, but what if the command was:
> > >
> > > `cat /dev/urandom`
> > >
> > > could /dev/urandom generate arbitrary and potentially executable code?
> > >
> > > I'm curious, too
> > >
> > > lane
> > > _______________________________________________
> Hmmm.... interesting.
> 
> if I create a file, test, in the current directory like this:
> 
> echo -n ls -al >test
> 
> Then type `cat test`
> 
> I get a directory listing.
> 
> Assuming that /dev/urandom generates something like "ls -al" followed by a
> newline, then it stands to reason that `cat /dev/urandom` will actually
> execute the command "ls -al"
> 
> Why is it that this does not hold true for `cat /dev/urandom` ?
> 
> Still curious
> 

Huh.  Look at that.  I guess I was wrong.  I wonder why...

Maybe the `` makes it "escape" from the shell and so it cats the file
and then when it comes back to the shell it sees the ls -al and runs
it.